Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/19d313-777b-4044-a238-8b8f3f8d7303/1/3pTgOUW6jJVDeqPo_tRjltbtKJo.roa
File: 3pTgOUW6jJVDeqPo_tRjltbtKJo.roa (raw, json)
Hash identifier: HC8B9vR46e06TFq5dbvCv2vQcRrcx7lixShRbWefc5A=
Subject key identifier: DE:94:E0:39:45:BA:8C:95:43:7A:A3:E8:FE:D4:63:96:D6:ED:28:9A
Certificate issuer: /CN=4f99e4eae48a01c781faad11f6d81a91ea33bdff
Certificate serial: 018BCD4168033436B746A80C0329DC977507
Authority key identifier: 4F:99:E4:EA:E4:8A:01:C7:81:FA:AD:11:F6:D8:1A:91:EA:33:BD:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T5nk6uSKAceB-q0R9tgakeozvf8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/19d313-777b-4044-a238-8b8f3f8d7303/1/3pTgOUW6jJVDeqPo_tRjltbtKJo.roa
Signing time: Tue 14 Nov 2023 09:54:57 +0000
ROA not before: Tue 14 Nov 2023 09:54:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198034
IP address blocks: 185.153.28.0/23 maxlen: 23
185.153.30.0/23 maxlen: 23
45.10.44.0/24 maxlen: 24
2a12:9240::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:cd:41:68:03:34:36:b7:46:a8:0c:03:29:dc:97:75:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f99e4eae48a01c781faad11f6d81a91ea33bdff
Validity
Not Before: Nov 14 09:54:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=de94e03945ba8c95437aa3e8fed46396d6ed289a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:77:f7:5b:8b:ac:d4:74:27:9d:32:c9:2e:c8:
9d:9f:bc:3c:db:29:dd:f1:be:3a:7f:b5:f7:d8:59:
7d:d9:d1:d7:9c:18:34:79:07:88:b2:9b:51:de:28:
94:ee:5e:a3:38:86:5a:20:b7:0b:ca:7a:ae:02:38:
ad:76:4b:17:9a:df:48:ee:74:02:40:5f:65:66:00:
89:95:4d:85:77:56:a2:b6:0d:30:3a:04:5a:32:d2:
1b:3c:72:0b:32:69:5e:cf:3c:a0:bf:84:7d:ea:60:
a4:82:95:dc:a6:cf:ac:d0:19:62:f4:70:c1:a5:93:
53:69:48:71:01:53:e1:0b:13:95:ef:10:fb:30:11:
d7:79:3b:4e:8e:bf:ea:de:c5:22:d0:2e:b2:df:e0:
5b:5c:4d:73:3f:3a:a3:36:88:14:ed:c2:de:c5:f4:
35:dd:7a:7f:1d:61:52:64:04:e4:2c:15:72:15:8e:
d4:09:f2:c1:4d:5b:21:d7:fc:00:0f:8a:c8:2d:0a:
3c:e1:92:55:87:90:d8:a0:cc:0f:d4:41:76:8c:7b:
a8:e0:e5:d5:d6:15:21:c9:59:68:39:5b:5d:f1:3e:
af:3e:bc:c8:76:fb:e6:8d:69:03:36:52:46:3d:a1:
78:1a:7c:75:d0:4d:23:b2:1a:b1:39:43:b4:5b:33:
93:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:94:E0:39:45:BA:8C:95:43:7A:A3:E8:FE:D4:63:96:D6:ED:28:9A
X509v3 Authority Key Identifier:
keyid:4F:99:E4:EA:E4:8A:01:C7:81:FA:AD:11:F6:D8:1A:91:EA:33:BD:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5nk6uSKAceB-q0R9tgakeozvf8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/19d313-777b-4044-a238-8b8f3f8d7303/1/3pTgOUW6jJVDeqPo_tRjltbtKJo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/19d313-777b-4044-a238-8b8f3f8d7303/1/T5nk6uSKAceB-q0R9tgakeozvf8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.44.0/24
185.153.28.0/22
IPv6:
2a12:9240::/32
Signature Algorithm: sha256WithRSAEncryption
21:b4:bd:6e:d3:32:59:27:9f:71:5b:ba:dc:57:2d:08:9a:fc:
23:ff:a1:0f:c0:23:36:68:3a:5c:c3:fe:e3:fe:56:aa:79:d9:
0b:dd:eb:d8:0e:83:07:27:46:6f:ab:91:b9:ce:21:b3:f6:69:
28:b0:9d:f9:11:52:8a:75:c6:a4:a1:78:bc:ed:80:35:ee:dd:
93:b0:0f:13:15:af:c6:77:37:f7:d1:90:58:66:07:b2:8e:34:
4f:b2:bc:87:9d:57:7e:15:82:7a:7e:16:e5:fd:4f:83:bd:1a:
ea:12:b9:db:44:d3:08:af:45:b4:57:75:c9:1a:9b:46:ae:2c:
bf:20:4c:f9:53:4c:48:b1:e7:c6:da:33:4f:c0:cb:1d:b4:82:
ed:08:40:07:a9:75:67:54:04:9f:a5:ff:58:2b:be:96:d1:61:
65:35:31:4e:70:86:0e:f0:84:5d:3a:31:eb:44:b1:ea:5e:35:
22:ac:e2:94:f2:57:f0:b5:41:5a:a4:fb:de:2d:64:cc:cb:50:
6b:27:08:3a:2c:00:f8:cf:81:93:62:dd:8f:41:e6:9f:cc:65:
6e:7c:14:6d:a9:a1:ec:9a:f1:da:22:4a:99:f1:b5:a6:f1:79:
8e:49:13:76:d1:93:82:4e:ff:ff:5d:5c:45:9c:3d:5b:d9:a7:
89:9b:dd:f8
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYvNQWgDNDa3RqgMAyncl3UHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTllNGVhZTQ4YTAxYzc4MWZhYWQxMWY2ZDgxYTkxZWEz
M2JkZmYwHhcNMjMxMTE0MDk1NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTk0ZTAzOTQ1YmE4Yzk1NDM3YWEzZThmZWQ0NjM5NmQ2ZWQyODlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg3f3W4us1HQnnTLJLsidn7w82ynd
8b46f7X32Fl92dHXnBg0eQeIsptR3iiU7l6jOIZaILcLynquAjitdksXmt9I7nQC
QF9lZgCJlU2Fd1aitg0wOgRaMtIbPHILMmlezzygv4R96mCkgpXcps+s0Bli9HDB
pZNTaUhxAVPhCxOV7xD7MBHXeTtOjr/q3sUi0C6y3+BbXE1zPzqjNogU7cLexfQ1
3Xp/HWFSZATkLBVyFY7UCfLBTVsh1/wAD4rILQo84ZJVh5DYoMwP1EF2jHuo4OXV
1hUhyVloOVtd8T6vPrzIdvvmjWkDNlJGPaF4Gnx10E0jshqxOUO0WzOTBwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFN6U4DlFuoyVQ3qj6P7UY5bW7SiaMB8GA1UdIwQY
MBaAFE+Z5OrkigHHgfqtEfbYGpHqM73/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVuazZ1U0tBY2VCLXEwUjl0Z2FrZW96dmY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC8xOWQzMTMtNzc3Yi00MDQ0LWEyMzgt
OGI4ZjNmOGQ3MzAzLzEvM3BUZ09VVzZqSlZEZXFQb190UmpsdGJ0S0pvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC8xOWQzMTMtNzc3Yi00MDQ0LWEyMzgtOGI4ZjNmOGQ3MzAz
LzEvVDVuazZ1U0tBY2VCLXEwUjl0Z2FrZW96dmY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQALQosAwQC
uZkcMA0EAgACMAcDBQAqEpJAMA0GCSqGSIb3DQEBCwUAA4IBAQAhtL1u0zJZJ59x
W7rcVy0Imvwj/6EPwCM2aDpcw/7j/laqedkL3evYDoMHJ0Zvq5G5ziGz9mkosJ35
EVKKdcakoXi87YA17t2TsA8TFa/Gdzf30ZBYZgeyjjRPsryHnVd+FYJ6fhbl/U+D
vRrqErnbRNMIr0W0V3XJGptGriy/IEz5U0xIsefG2jNPwMsdtILtCEAHqXVnVASf
pf9YK76W0WFlNTFOcIYO8IRdOjHrRLHqXjUirOKU8lfwtUFapPveLWTMy1BrJwg6
LAD4z4GTYt2PQeafzGVufBRtqaHsmvHaIkqZ8bWm8XmOSRN20ZOCTv//XVxFnD1b
2aeJm934
-----END CERTIFICATE-----
Generated at Mon Jan 1 14:10:34 2024 by rpki-client on console.sobornost.net